Skip to main content
Tag

iot systems management

|

100 Million IoT Devices Exposed

By News

Z-Wave IoT Devices Exposed

Z-Wave, a protocol primarily used for home automation, is vulnerable to security downgrade attacks.

According to the Z-Wave Alliance, an organization dedicated to advancing Z-Wave, the protocol is currently used by 700 companies in over 2,400 IoT and smart products. It is estimated that over 100 Million IoT devices are affected.

It turns out that a variant of this downgrade attack was discovered last year by cybersecurity consulting firm SensePost, but the vendor told experts at the time that the risk was being mitigated by users being notified when additional pairing of devices were established.

Manage the IoT

Syxsense will give you a simple view of all of the IoT devices and provide you the information you need to keep yourself better protected. Sign up for a free trial today to get started.

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo
June 5, 2018
Love0
|

FBI Warning: Reset Your Routers

By News

FBI, DHS, and UK Authorities issue warning over VPNFilter

The FBI, DHS and UK authorities have issued a warning for the VPNFilter malware threat. According to Alert TA18-145A, there are concerns that actors will use VPNFilter to target routers and “collect intelligence, exploit local area network (LAN) devices, and block actor-configurable network traffic.”

Cisco researchers have indicated the following devices are known to be vulnerable:

  • Linksys E1200
  • Linksys E2500
  • Linksys WRVS4400N
  • MikroTik RouterOS for Cloud Core Routers: Versions 1016, 1036, and 1072
  • Netgear DGN2200
  • Netgear R6400
  • Netgear R7000
  • Netgear R8000
  • Netgear WNR1000
  • Netgear WNR2000
  • QNAP TS251
  • QNAP TS439 Pro
  • Other QNAP NAS devices running QTS software
  • TP-Link R600VPN

The warning instructs that you install any new firmware for your routers and, after updating, reset your router. Even if you don’t have one of the listed devices, its recommended you update and reset your router as well.

Also, as a good practice and to protect yourself from repeat infection, ensure your router administration credentials are not set to the factor default.

According to Cisco’s Talos, the VPNFilter malware is known to have already infected at least 500,000 network devices across 54 countries.

This clearly illustrates an important IT lesson: relying solely on your firewall for protection isn’t enough. Malware is becoming more sophisticated and actors are looking for any way into your environment.

What to do:

IT departments need to keep their firmware up to date, but also keep patching regularly. Use a patching solution like Syxsense to ensure you’ll never have a lapse in important updates. CMS detects which devices need updates and the severity of those updates. Then you can schedule a time-frame in which to automatically deploy needed updates. This ensures every device is secured without interrupting business hours.

Check out a better way to manage your environment. Start a trial with Syxsense

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo
May 29, 2018
Love0
||

The Rapid Rise of the IoT

By News

The IoT is Here to Stay: Risks Included

Research from Metova has revealed the current scale of smart product adoption in the United States.  According to Metova, 90 percent of U.S users now own some form of smart device.

This shows the IoT has truly reached mass adoption across the country. This also presents inherent risks to everyone connected to the Internet of Things. At this scale of growth, taking action to manage the IoT is critical and urgent.

Other observations include:

  • Over 90% surveyed have made a purchase of a connected home device.
  • Nearly 70% already have a voice-controlled system such as an Amazon Alexa or Google Home.
  • 58% percent of people who own a connected home device are concerned about how it may impact their privacy.
  • 74% of respondents think connected home devices are the wave of the future.
  • Over 30% who do not have a connected home device plan to make a purchase within the year.

Manage the IoT

Robert Brown, Director of Services for Verismic said, “As our ownership of smart technology expands, there will become a moment in time when you will no longer have the instant knowledge of the devices in your home or office which could be used to expose critical vulnerabilities, breach your network or steal your identity.

Syxsense will give you a simple view of all of the IoT devices in your home or office, and provide you the information you need to keep yourself better protected.

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo
May 21, 2018
Love0
||

Ocean’s IoT: Casino Hacked Through Fish Tank

By News

Casino Infiltrated through Internet-Connected Fish Tank Thermometer

Picture this: Jazzy music underscores George Clooney’s Danny Ocean pulling off another daring heist. He’s gathered his crew and it’s go time. Their entry point? A fish tank in the lobby.

Okay, maybe that’s not the best physical access point, but it is how hackers stole data from an unnamed North American casino.

According to Nicole Eagan, CEO of Darktrace, malicious actors manipulated a vulnerability in an internet-connected fish tank thermometer and stole data the casino had collected on their high-roller gamblers.

This is yet another stunning example of how the IoT can create unconventional breaches.

The only way to protect your environment is to identify all connected devices. How can you expect to manage your environment if you don’t even know how many devices there are? Finding all those devices is no simple task; it’s estimated there are already over 8.4 billion connected devices!

Managing IoT Devices

Syxsense is at the forefront of IoT device management. Our discovery solution can detect every device connected to your network; not just desktops, laptops, and servers.

Plug the holes in your environment before they sink your ship.

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo
April 20, 2018
Love0
||

Could Your IoT Devices be Hacked with a Google Search?

By News

Most Companies Are Unprepared for the IoT

Researchers at Ben-Gurion University warn that hackers have an unexpected resource in exploiting your environment: a Google search. IoT device manufactures set a default password for their devices, sometimes even sharing passwords between brands.

“It only took 30 minutes to find passwords for most of the devices [used in the testing] and some of them were found merely through a Google search of the brand,” said Omer Shwartz, a Ph.D. student and researcher at Ben-Gurion.

Thanks to a survey by ForeScout and CensusWide, we also have an eye-opening view into how unprepared companies are for the Internet of Things.

500 CIOs and IT managers provided data and here are the take aways:

  • Approximately 15% do no keep security patches up to date.
  • 47% don’t change the default passwords on devices.
  • Up to 46% said they did not have a full view of the devices connected to their networks.

This is startling. Nearly half of the businesses involved in the survey couldn’t even begin managing their IoT devices. With no way to see which devices are connected to their network, they wouldn’t be able to patch or manage vulnerable devices.

Myles Bray, vice president of EMEA at ForeScout, stated: “IoT has expanded the attack surface considerably for all firms, and without basic security hygiene it is easy for bad actors to gain a foothold and then move laterally on a network to reach high-value assets and cause business disruption.”

When asked about the results of the survey Natan Bandler, CEO and Co-Founder of Cy-OT, added “What is needed is a dedicated cybersecurity solution that is monitoring both the IoT device and its activity…By doing this, an organization will be able to detect when and which devices are at risk.”

IoT Device Management

To detect all of your IoT devices, look to Syxsense. Our product is the first to be able to scan and identify the IoT devices connected to your environments.

Learn more about our IoT capabilities with our video and by starting a trial today!

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo
April 11, 2018
Love0
|||

IoT Report: Q1 2018

By News

What do the numbers tell us?

As far back as 2006, there were already 2 billion devices within the Internet of things. By 2016, that number had grown to 6.38 billion.

Now it’s estimated that there are currently over 8.4 billion devices, with that number expected to grow to 11.19 billion by the end of 2018. According to Gartner, by 2020 the number of IoT devices will explode to over 20 billion.

Juniper Research estimates that by 2022 businesses will spend $134 billion annually on cybersecurity for just IoT devices.

How much does a cyberattack cost business?

Looking at a common attack vector, a DDoS attack, The Ponemon Institute estimates that a company will lose approximately $1.7 million. The major expense is in the form of lost services, $517,599. Other costs come in at $414,128 for technical support, $229,071 for lost productivity, $346,062 for disruption of normal operations, and $199,201 for damage/theft of IT assets.

It’s also estimated that businesses are hit with an average of eight DDoS attacks a day, all thanks to the exponentially increasing number of unsecured IoT devices.

So what’s so difficult about IoT device management?

“It’s hard to evaluate the security of a camera, or a doorbell, or something you put in an industrial machine.” 

Michael Kaiser, the executive director of the National Cybersecurity Alliance

Why should we care?

Here’s the bottom line: the IoT is here and will benefit everyone. Lives will be made easier. Processes will be more efficient. New frontiers will be discovered in healthcare, manufacturing, and almost every aspect of our lives.

While IoT devices are thought of as objects like Apple Watches, Amazon Alexa’s, or other home-based smart devices, they are actually more widely spread in business environments. According to a report by Intel and their partners, most IoT devices are in factories, businesses, and health care environments. They estimate a massive 90.6% of IoT devices are business related.

Intel believes by 2025, the total global worth of IoT technology could be as much as USD 6.2 trillion.

It’s time to prepare for the IoT. Syxsense is the first IT management solution that can discover IoT devices and start you on the road to managing. Later this year, we will be rolling out software update management and other features that will secure your IoT devices.

Learn more about the state of your IoT devices and start a trial with Syxsense.

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo
March 20, 2018
Love0